- The use of credit cards to complete sales transactions in a contact center has become commonplace, but assuming all contact centers have taken appropriate actions to mitigate the risks associated with these transactions is a mistake.
- Since standards are not yet fully developed, customer service managers should implement agent-assisted solutions that enable agents to obtain personally identifiable information, such as credit card numbers and codes, without ever actually seeing or hearing it themselves.
Contact center compliance with the Payment Card Industry Data Security Standard (PCI-DSS), often referred to as PCI compliance, brings key security benefits to customer service operations and non-compliance can often have severe, long-lasting consequences. PCI is the global data security standard that businesses and their customer interaction centers are required to follow in order to accept credit/debit card payments and to store and process related information at their site and/or transmit cardholder data between locations. The obvious and immediate benefits of PCI compliance are likely to be increased customer security and trust, decreased customer churn and an improved status with credit card payment partners such as American Express, MasterCard and VISA, which will often require PCI compliance of their business partners. Longer-term indirect benefits can include the fact that your center will likely be better prepared to include other security regulations as they are rolled out, such as the Health Insurance Portability and Accountability Act (HIPPA) and Sarbanes-Oxley (SOX), if applicable to your business situation. The bottom line is that if you operate a contact center that handles customer personal and financial information, PCI compliance is becoming more important, if not mandatory. Continue reading “Gambling with Customer Transaction Information Can Be Risky Business”